Fingerprints can be used for authentication in gdm and gnome-screensaver.

Fingerprints can be used for authentication in gdm and gnome-screensaver.

+

+

If you log in with a fingerprint, gnome-keyring cannot unlock the login keyring (since it uses the login password for that). Therefore, gnome-keyring will ask for your password the first time a secret is needed in the session.

+

+

Still to do:

+

- Integrate with multiple pam stacks feature

+

- Enable by default

+

- Replace icons

+

- Bug fixing

== Detailed Description ==

== Detailed Description ==

Line 59:

Line 67:

* To install the necessary packages to test this feature, on a stock Fedora 10 machine, run:

* To install the necessary packages to test this feature, on a stock Fedora 10 machine, run:

* The authentication dialogs should all behave similar wrt to fingerprints: gdm, gnome-screensaver, PolicyKit.

== User Experience ==

== User Experience ==

Line 107:

Line 123:

of supported fingerprint readers, see http://www.reactivated.net/fprint/wiki/Supported_devices.

of supported fingerprint readers, see http://www.reactivated.net/fprint/wiki/Supported_devices.

−

For upgrades from older versions of Fedora, and if pam_fprint was installed, the package itself as well as the changes to PAM configuration should be removed (unless major changes were done to the files, running authconfig as mentioned above will clear the previous changes).

+

For upgrades from older versions of Fedora, and if pam_fprint was installed, the package itself as well as the changes to PAM configuration should be removed (unless major changes were done to the files, running authconfig as mentioned above will clear the previous changes). Note that you will need to install the gdm-plugin-fingerprint package as well.

Enrollment support is in gnome-about-me, available in the control-center package in rawhide.

Fingerprints can be used for authentication in gdm and gnome-screensaver.

If you log in with a fingerprint, gnome-keyring cannot unlock the login keyring (since it uses the login password for that). Therefore, gnome-keyring will ask for your password the first time a secret is needed in the session.

Currently, using Fingerprint readers is a bit of a pain, and installing/using fprint and its pam module take more time than should ever be necessary. The goal of this feature is to make it painless by providing all the required pieces in Fedora, together with nicely integrated configuration.

Person installs a laptop/desktop system with a fingerprint-reader that's supported by fprint. A good way to find information about your fingerprint reader is to scan the output of lshal for 'Fingerprint Reader'.

Person sets their fingerprint in gnome-about-me

Person can log in using their fingerprint, and the session behaves the same whether logged in with password or fingerprint. In particular, gnome-keyring-daemon is running in both cases

Person deletes their fingerprint in gnome-about-me

Person can no longer log in with their fingerprint

Another thing to test: turning fingerprint support off in authconfig prevents login with fingerprint, but keeps the fingerprint data, so that turning it back on doesn't force people to re-enroll.

To install the necessary packages to test this feature, on a stock Fedora 10 machine, run:

Fedora 11 supports authentication using fingerprint readers. Before you can log in using your fingerprint,
you need to enable fingerprint authentication in authconfig (System → Administration → Authentication)
and enroll your fingerprint in gnome-about-me (System → Preferences → Personal → About Me). For a list
of supported fingerprint readers, see http://www.reactivated.net/fprint/wiki/Supported_devices.

For upgrades from older versions of Fedora, and if pam_fprint was installed, the package itself as well as the changes to PAM configuration should be removed (unless major changes were done to the files, running authconfig as mentioned above will clear the previous changes). Note that you will need to install the gdm-plugin-fingerprint package as well.

Red Hat, Red Hat Enterprise Linux, the Shadowman logo, and JBoss are trademarks or registered trademarks of
Red Hat, Inc. or its subsidiaries in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
The Fedora Project is maintained and driven by the community and sponsored by Red Hat. This is a community
maintained site. Red Hat is not responsible for content.